Argus PEP client API  2.3
profiles.h
1 /*
2  * Copyright (c) Members of the EGEE Collaboration. 2006-2010.
3  * See http://www.eu-egee.org/partners/ for details on the copyright holders.
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  */
17 
18 /*
19  * $Id$
20  * @author Valery Tschopp <valery.tschopp@switch.ch>
21  */
22 #ifndef _PEP_PROFILES_H_
23 #define _PEP_PROFILES_H_
24 
25 #ifdef __cplusplus
26 extern "C" {
27 #endif
28 
34 #include "xacml.h"
35 #include "pip.h"
36 #include "oh.h"
37 
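/*
 * Common XACML Authorization Profile (dci-sec.org namespace) identifiers.
 *
 * The listing carried line-number residue in front of every declaration;
 * it is removed here so the declarations are valid C again.
 *
 * NOTE(review): identifiers like these are normally matched as exact
 * strings against policies and responses, so the values must stay
 * byte-for-byte as written -- confirm before editing any of them.
 */

/** Common XACML Authorization Profile version 1.1 value. */
static const char XACML_COMMONAUTHZ_PROFILE_1_1[] =
    "http://dci-sec.org/xacml/profile/common-authz/1.1";

/** Environment/Attribute profile-id identifier. */
static const char XACML_DCISEC_ATTRIBUTE_PROFILE_ID[] =
    "http://dci-sec.org/xacml/attribute/profile-id";

/** Subject/Attribute subject-issuer identifier. */
static const char XACML_DCISEC_ATTRIBUTE_SUBJECT_ISSUER[] =
    "http://dci-sec.org/xacml/attribute/subject-issuer";

/** Subject/Attribute virtual-organization (VO) identifier. */
static const char XACML_DCISEC_ATTRIBUTE_VIRTUAL_ORGANIZATION[] =
    "http://dci-sec.org/xacml/attribute/virtual-organization";

/** Subject/Attribute group (VO) identifier. */
static const char XACML_DCISEC_ATTRIBUTE_GROUP[] =
    "http://dci-sec.org/xacml/attribute/group";

/** Subject/Attribute group/primary (VO) identifier. */
static const char XACML_DCISEC_ATTRIBUTE_GROUP_PRIMARY[] =
    "http://dci-sec.org/xacml/attribute/group/primary";

/** Subject/Attribute role (VO) identifier. */
static const char XACML_DCISEC_ATTRIBUTE_ROLE[] =
    "http://dci-sec.org/xacml/attribute/role";

/** Subject/Attribute role/primary (VO) identifier. */
static const char XACML_DCISEC_ATTRIBUTE_ROLE_PRIMARY[] =
    "http://dci-sec.org/xacml/attribute/role/primary";

/** Resource/Attribute resource-owner identifier. */
static const char XACML_DCISEC_ATTRIBUTE_RESOURCE_OWNER[] =
    "http://dci-sec.org/xacml/attribute/resource-owner";

/** Namespace for the Common XACML Authorization Profile Action values. */
static const char XACML_DCISEC_ACTION_NAMESPACE[] =
    "http://dci-sec.org/xacml/action";

/** Action ANY value. */
static const char XACML_DCISEC_ACTION_ANY[] =
    "http://dci-sec.org/xacml/action/ANY";

/** Obligation map-local-user identifier. */
static const char XACML_DCISEC_OBLIGATION_MAP_LOCAL_USER[] =
    "http://dci-sec.org/xacml/obligation/map-local-user";

/** Obligation map-local-user/posix identifier. */
static const char XACML_DCISEC_OBLIGATION_MAP_POSIX_USER[] =
    "http://dci-sec.org/xacml/obligation/map-local-user/posix";

/** Obligation/AttributeAssignment user-id (username) identifier. */
static const char XACML_DCISEC_ATTRIBUTE_USER_ID[] =
    "http://dci-sec.org/xacml/attribute/user-id";

/** Obligation/AttributeAssignment group-id (user group name) identifier. */
static const char XACML_DCISEC_ATTRIBUTE_GROUP_ID[] =
    "http://dci-sec.org/xacml/attribute/group-id";

/** Obligation/AttributeAssignment group-id/primary (primary group name) identifier. */
static const char XACML_DCISEC_ATTRIBUTE_GROUP_ID_PRIMARY[] =
    "http://dci-sec.org/xacml/attribute/group-id/primary";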
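/*
 * XACML Grid WN AuthZ Profile version.
 *
 * Line-number residue from the rendered listing is removed so the
 * declaration is valid C.
 */

/** XACML Grid WN AuthZ Profile version value [XACML Grid WN AuthZ 1.0, 3.1.1]. */
static const char XACML_GRIDWN_PROFILE_VERSION[] =
    "http://glite.org/xacml/profile/grid-wn/1.0";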
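/*
 * XACML Grid WN AuthZ Attribute, Obligation and Datatype identifiers
 * (glite.org namespace).
 *
 * Line-number residue from the rendered listing is removed so the
 * declarations are valid C.
 */

/*
 * Same value as XACML_GLITE_ATTRIBUTE_PROFILE_ID below.
 * NOTE(review): presumably the older GRIDWN_ spelling of that name -- confirm.
 */
static const char XACML_GRIDWN_ATTRIBUTE_PROFILE_ID[] =
    "http://glite.org/xacml/attribute/profile-id";

/** Environment/Attribute profile-id identifier. */
static const char XACML_GLITE_ATTRIBUTE_PROFILE_ID[] =
    "http://glite.org/xacml/attribute/profile-id";

/** Subject/Attribute subject-issuer identifier. */
static const char XACML_GLITE_ATTRIBUTE_SUBJECT_ISSUER[] =
    "http://glite.org/xacml/attribute/subject-issuer";

/** Subject/Attribute voms-issuer identifier. */
static const char XACML_GLITE_ATTRIBUTE_VOMS_ISSUER[] =
    "http://glite.org/xacml/attribute/voms-issuer";

/** Subject/Attribute virtual-organization identifier. */
static const char XACML_GLITE_ATTRIBUTE_VIRTUAL_ORGANIZATION[] =
    "http://glite.org/xacml/attribute/virtual-organization";

/** Subject/Attribute fqan identifier. */
static const char XACML_GLITE_ATTRIBUTE_FQAN[] =
    "http://glite.org/xacml/attribute/fqan";

/** Subject/Attribute fqan/primary identifier. */
static const char XACML_GLITE_ATTRIBUTE_FQAN_PRIMARY[] =
    "http://glite.org/xacml/attribute/fqan/primary";

/*
 * Action/Attribute pilot-job-classifer identifier.
 * NOTE(review): the URI spells "classifer"; the value is an identifier, so
 * do not "correct" the spelling unless the profile specification and every
 * deployed policy are confirmed to use a different one.
 */
static const char XACML_GLITE_ATTRIBUTE_PILOT_JOB_CLASSIFIER[] =
    "http://glite.org/xacml/attribute/pilot-job-classifer";

/** Obligation/AttributeAssignment user-id identifier. */
static const char XACML_GLITE_ATTRIBUTE_USER_ID[] =
    "http://glite.org/xacml/attribute/user-id";

/** Obligation/AttributeAssignment group-id identifier. */
static const char XACML_GLITE_ATTRIBUTE_GROUP_ID[] =
    "http://glite.org/xacml/attribute/group-id";

/** Obligation/AttributeAssignment group-id/primary identifier. */
static const char XACML_GLITE_ATTRIBUTE_GROUP_ID_PRIMARY[] =
    "http://glite.org/xacml/attribute/group-id/primary";

/** Obligation local-environment-map identifier. */
static const char XACML_GLITE_OBLIGATION_LOCAL_ENVIRONMENT_MAP[] =
    "http://glite.org/xacml/obligation/local-environment-map";

/** Obligation local-environment-map/posix identifier. */
static const char XACML_GLITE_OBLIGATION_LOCAL_ENVIRONMENT_MAP_POSIX[] =
    "http://glite.org/xacml/obligation/local-environment-map/posix";

/** fqan datatype [XACML Grid WN AuthZ 1.0, 3.7.1]. */
static const char XACML_GLITE_DATATYPE_FQAN[] =
    "http://glite.org/xacml/datatype/fqan";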
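/*
 * Deprecated identifiers (bad naming).
 *
 * Each XACML_GRIDWN_* constant below holds the same string as the
 * XACML_GLITE_* constant with the matching suffix, so it is matched exactly
 * like the current name. Prefer the XACML_GLITE_* names in new code.
 * Line-number residue from the rendered listing is removed so the
 * declarations are valid C.
 */
static const char XACML_GRIDWN_ATTRIBUTE_SUBJECT_ISSUER[] =
    "http://glite.org/xacml/attribute/subject-issuer";
static const char XACML_GRIDWN_ATTRIBUTE_VIRTUAL_ORGANIZATION[] =
    "http://glite.org/xacml/attribute/virtual-organization";
static const char XACML_GRIDWN_ATTRIBUTE_FQAN[] =
    "http://glite.org/xacml/attribute/fqan";
static const char XACML_GRIDWN_ATTRIBUTE_FQAN_PRIMARY[] =
    "http://glite.org/xacml/attribute/fqan/primary";
/* The "classifer" spelling is part of the identifier value; keep it as is. */
static const char XACML_GRIDWN_ATTRIBUTE_PILOT_JOB_CLASSIFIER[] =
    "http://glite.org/xacml/attribute/pilot-job-classifer";
static const char XACML_GRIDWN_ATTRIBUTE_VOMS_ISSUER[] =
    "http://glite.org/xacml/attribute/voms-issuer";
static const char XACML_GRIDWN_ATTRIBUTE_USER_ID[] =
    "http://glite.org/xacml/attribute/user-id";
static const char XACML_GRIDWN_ATTRIBUTE_GROUP_ID[] =
    "http://glite.org/xacml/attribute/group-id";
static const char XACML_GRIDWN_ATTRIBUTE_GROUP_ID_PRIMARY[] =
    "http://glite.org/xacml/attribute/group-id/primary";
static const char XACML_GRIDWN_OBLIGATION_LOCAL_ENVIRONMENT_MAP[] =
    "http://glite.org/xacml/obligation/local-environment-map";
static const char XACML_GRIDWN_OBLIGATION_LOCAL_ENVIRONMENT_MAP_POSIX[] =
    "http://glite.org/xacml/obligation/local-environment-map/posix";
static const char XACML_GRIDWN_DATATYPE_FQAN[] =
    "http://glite.org/xacml/datatype/fqan";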
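/*
 * XACML Authz Interop Subject/Attribute identifiers
 * (XACML Authz Interop Profile 1.1).
 *
 * Line-number residue from the rendered listing is removed so the
 * declarations are valid C.
 */

/** Subject/Attribute subject-x509-id identifier (Datatype: string, OpenSSL format). */
static const char XACML_AUTHZINTEROP_SUBJECT_X509_ID[] =
    "http://authz-interop.org/xacml/subject/subject-x509-id";

/** Subject/Attribute subject-x509-issuer identifier (Datatype: string, OpenSSL format). */
static const char XACML_AUTHZINTEROP_SUBJECT_X509_ISSUER[] =
    "http://authz-interop.org/xacml/subject/subject-x509-issuer";

/** Subject/Attribute vo identifier (Datatype: string). */
static const char XACML_AUTHZINTEROP_SUBJECT_VO[] =
    "http://authz-interop.org/xacml/subject/vo";

/** Subject/Attribute cert-chain identifier (Datatype: base64Binary). */
static const char XACML_AUTHZINTEROP_SUBJECT_CERTCHAIN[] =
    "http://authz-interop.org/xacml/subject/cert-chain";

/** Subject/Attribute voms-fqan identifier (Datatype: string). */
static const char XACML_AUTHZINTEROP_SUBJECT_VOMS_FQAN[] =
    "http://authz-interop.org/xacml/subject/voms-fqan";

/** Subject/Attribute voms-primary-fqan identifier (Datatype: string). */
static const char XACML_AUTHZINTEROP_SUBJECT_VOMS_PRIMARY_FQAN[] =
    "http://authz-interop.org/xacml/subject/voms-primary-fqan";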
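/*
 * XACML Authz Interop Obligation and Obligation/AttributeAssignment
 * identifiers (XACML Authz Interop Profile 1.1).
 *
 * Line-number residue from the rendered listing is removed so the
 * declarations are valid C.
 *
 * NOTE(review): the uid, gid and username values delivered under these ids
 * presumably select the local account a job is mapped to. The consuming
 * obligation handler should check that they are well-formed and within the
 * expected range before acting on them -- confirm against that code.
 */

/** Obligation uidgid identifier (XACML Authz Interop: UID GID). */
static const char XACML_AUTHZINTEROP_OBLIGATION_UIDGID[] =
    "http://authz-interop.org/xacml/obligation/uidgid";

/** Obligation secondary-gids identifier. */
static const char XACML_AUTHZINTEROP_OBLIGATION_SECONDARY_GIDS[] =
    "http://authz-interop.org/xacml/obligation/secondary-gids";

/** Obligation username identifier (XACML Authz Interop: Username). */
static const char XACML_AUTHZINTEROP_OBLIGATION_USERNAME[] =
    "http://authz-interop.org/xacml/obligation/username";

/** Obligation afs-token identifier (XACML Authz Interop: AFS Token). */
static const char XACML_AUTHZINTEROP_OBLIGATION_AFS_TOKEN[] =
    "http://authz-interop.org/xacml/obligation/afs-token";

/** Obligation/AttributeAssignment posix-uid identifier. */
static const char XACML_AUTHZINTEROP_OBLIGATION_ATTR_POSIX_UID[] =
    "http://authz-interop.org/xacml/attribute/posix-uid";

/** Obligation/AttributeAssignment posix-gid identifier. */
static const char XACML_AUTHZINTEROP_OBLIGATION_ATTR_POSIX_GID[] =
    "http://authz-interop.org/xacml/attribute/posix-gid";

/** Obligation/AttributeAssignment username identifier (Datatype: string). */
static const char XACML_AUTHZINTEROP_OBLIGATION_ATTR_USERNAME[] =
    "http://authz-interop.org/xacml/attribute/username";

/** Obligation/AttributeAssignment afs-token identifier (Datatype: base64Binary). */
static const char XACML_AUTHZINTEROP_OBLIGATION_ATTR_AFS_TOKEN[] =
    "http://authz-interop.org/xacml/attribute/afs-token";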
202 
236 
239 #ifdef __cplusplus
240 }
241 #endif
242 
243 #endif
static const char XACML_AUTHZINTEROP_SUBJECT_VOMS_FQAN[]
XACML AuthZ Interop Subject/Attribute voms-fqan identifier (Datatype: string)
Definition: profiles.h:146
static const char XACML_GRIDWN_PROFILE_VERSION[]
XACML Grid WN AuthZ Profile version value [XACML Grid WN AuthZ 1.0, 3.1.1].
Definition: profiles.h:89
static const char XACML_GRIDWN_ATTRIBUTE_GROUP_ID[]
Definition: profiles.h:117
static const char XACML_DCISEC_ATTRIBUTE_VIRTUAL_ORGANIZATION[]
Common XACML Authorization Profile Subject/Attribute virtual-organization (VO) identifier.
Definition: profiles.h:57
static const char XACML_DCISEC_ATTRIBUTE_ROLE_PRIMARY[]
Common XACML Authorization Profile Subject/Attribute role/primary (VO) identifier.
Definition: profiles.h:61
static const char XACML_GRIDWN_DATATYPE_FQAN[]
Definition: profiles.h:121
static const char XACML_GLITE_ATTRIBUTE_FQAN_PRIMARY[]
XACML Grid WN AuthZ Subject/Attribute fqan/primary identifier.
Definition: profiles.h:100
Obligation Handler type.
Definition: oh.h:83
static const char XACML_DCISEC_OBLIGATION_MAP_LOCAL_USER[]
Common XACML Authorization Profile Obligation map-local-user identifier [Common XACML Authorization P...
Definition: profiles.h:65
static const char XACML_GLITE_OBLIGATION_LOCAL_ENVIRONMENT_MAP_POSIX[]
XACML Grid WN AuthZ Obligation local-environment-map/posix identifier [XACML Grid WN AuthZ 1...
Definition: profiles.h:106
static const char XACML_AUTHZINTEROP_OBLIGATION_ATTR_POSIX_GID[]
XACML AuthZ Interop Obligation/AttributeAssignment posix-gid identifier (C Datatype: string...
Definition: profiles.h:157
static const char XACML_DCISEC_ACTION_NAMESPACE[]
Namespace for the Common XACML Authorization Profile Action values.
Definition: profiles.h:63
static const char XACML_GRIDWN_OBLIGATION_LOCAL_ENVIRONMENT_MAP[]
Definition: profiles.h:119
static const char XACML_AUTHZINTEROP_OBLIGATION_ATTR_AFS_TOKEN[]
XACML AuthZ Interop Obligation/AttributeAssignment afs-token identifier (Datatype: base64Binary) ...
Definition: profiles.h:159
static const char XACML_GLITE_ATTRIBUTE_VOMS_ISSUER[]
XACML Grid WN AuthZ Subject/Attribute voms-issuer identifier [XACML Grid WN AuthZ 1...
Definition: profiles.h:97
static const char XACML_GRIDWN_ATTRIBUTE_FQAN[]
Definition: profiles.h:112
static const char XACML_GRIDWN_ATTRIBUTE_SUBJECT_ISSUER[]
Definition: profiles.h:110
PIP type.
Definition: pip.h:81
static const char XACML_AUTHZINTEROP_SUBJECT_X509_ISSUER[]
XACML AuthZ Interop Subject/Attribute subject-x509-issuer identifier (Datatype: string, OpenSSL format)
Definition: profiles.h:143
static const char XACML_GRIDWN_ATTRIBUTE_PROFILE_ID[]
Definition: profiles.h:94
static const char XACML_AUTHZINTEROP_OBLIGATION_ATTR_USERNAME[]
XACML AuthZ Interop Obligation/AttributeAssignment username identifier (Datatype: string) ...
Definition: profiles.h:158
static const char XACML_AUTHZINTEROP_OBLIGATION_ATTR_POSIX_UID[]
XACML AuthZ Interop Obligation/AttributeAssignment posix-uid identifier (C Datatype: string...
Definition: profiles.h:156
static const char XACML_DCISEC_ATTRIBUTE_GROUP_ID_PRIMARY[]
Common XACML Authorization Profile Obligation/AttributeAssignment group-id/primary (primary group nam...
Definition: profiles.h:69
static const char XACML_AUTHZINTEROP_SUBJECT_VOMS_PRIMARY_FQAN[]
XACML AuthZ Interop Subject/Attribute voms-primary-fqan identifier (Datatype: string) ...
Definition: profiles.h:147
static const char XACML_DCISEC_ATTRIBUTE_PROFILE_ID[]
Common XACML Authorization Profile Environment/Attribute profile-id identifier.
Definition: profiles.h:55
static const char XACML_GLITE_ATTRIBUTE_SUBJECT_ISSUER[]
XACML Grid WN AuthZ Subject/Attribute subject-issuer identifier.
Definition: profiles.h:96
static const char XACML_GRIDWN_ATTRIBUTE_VOMS_ISSUER[]
Definition: profiles.h:115
static const char XACML_GRIDWN_OBLIGATION_LOCAL_ENVIRONMENT_MAP_POSIX[]
Definition: profiles.h:120
static const char XACML_GLITE_ATTRIBUTE_FQAN[]
XACML Grid WN AuthZ Subject/Attribute fqan identifier.
Definition: profiles.h:99
static const char XACML_GLITE_OBLIGATION_LOCAL_ENVIRONMENT_MAP[]
XACML Grid WN AuthZ Obligation local-environment-map identifier [XACML Grid WN AuthZ 1...
Definition: profiles.h:105
static const char XACML_AUTHZINTEROP_OBLIGATION_AFS_TOKEN[]
XACML AuthZ Interop Obligation afs-token identifier (XACML Authz Interop: AFS Token) ...
Definition: profiles.h:155
static const char XACML_GRIDWN_ATTRIBUTE_FQAN_PRIMARY[]
Definition: profiles.h:113
static const char XACML_DCISEC_ATTRIBUTE_GROUP_PRIMARY[]
Common XACML Authorization Profile Subject/Attribute group/primary (VO) identifier.
Definition: profiles.h:59
static const char XACML_GLITE_ATTRIBUTE_GROUP_ID[]
XACML Grid WN AuthZ Obligation/AttributeAssignment group-id identifier [XACML Grid WN AuthZ 1...
Definition: profiles.h:103
static const char XACML_GLITE_ATTRIBUTE_PILOT_JOB_CLASSIFIER[]
XACML Grid WN AuthZ Action/Attribute pilot-job-classifer identifier.
Definition: profiles.h:101
static const char XACML_DCISEC_ACTION_ANY[]
Common XACML Authorization Profile Action ANY value.
Definition: profiles.h:64
static const char XACML_GRIDWN_ATTRIBUTE_GROUP_ID_PRIMARY[]
Definition: profiles.h:118
const pep_obligationhandler_t * gridwn2authzinterop_adapter_oh
Grid WN AuthZ Profile to AuthZ Interop Profile ObligationHandler adapter.
static const char XACML_GRIDWN_ATTRIBUTE_VIRTUAL_ORGANIZATION[]
Definition: profiles.h:111
static const char XACML_AUTHZINTEROP_SUBJECT_X509_ID[]
XACML AuthZ Interop Subject/Attribute subject-x509-id identifier (Datatype: string, OpenSSL format)
Definition: profiles.h:142
static const char XACML_GRIDWN_ATTRIBUTE_PILOT_JOB_CLASSIFIER[]
Definition: profiles.h:114
static const char XACML_GRIDWN_ATTRIBUTE_USER_ID[]
Definition: profiles.h:116
static const char XACML_GLITE_DATATYPE_FQAN[]
XACML Grid WN AuthZ fqan datatype [XACML Grid WN AuthZ 1.0, 3.7.1].
Definition: profiles.h:107
static const char XACML_GLITE_ATTRIBUTE_PROFILE_ID[]
XACML Grid WN AuthZ Environment/Attribute profile-id identifier.
Definition: profiles.h:95
const pep_pip_t * authzinterop2gridwn_adapter_pip
AuthZ Interop Profile to Grid WN AuthZ Profile PIP adapter.
static const char XACML_AUTHZINTEROP_OBLIGATION_SECONDARY_GIDS[]
XACML AuthZ Interop Obligation secondary-gids identifier (XACML Authz Interop: Multiple Secondary GID...
Definition: profiles.h:153
static const char XACML_AUTHZINTEROP_OBLIGATION_USERNAME[]
XACML AuthZ Interop Obligation username identifier (XACML Authz Interop: Username) ...
Definition: profiles.h:154
static const char XACML_COMMONAUTHZ_PROFILE_1_1[]
Common XACML Authorization Profile version 1.1 value.
Definition: profiles.h:53
static const char XACML_GLITE_ATTRIBUTE_GROUP_ID_PRIMARY[]
XACML Grid WN AuthZ Obligation/AttributeAssignment group-id/primary identifier [XACML Grid WN AuthZ 1...
Definition: profiles.h:104
static const char XACML_AUTHZINTEROP_SUBJECT_CERTCHAIN[]
XACML AuthZ Interop Subject/Attribute cert-chain identifier (Datatype: base64Binary) ...
Definition: profiles.h:145
static const char XACML_DCISEC_OBLIGATION_MAP_POSIX_USER[]
Common XACML Authorization Profile Obligation map-local-user/posix identifier.
Definition: profiles.h:66
static const char XACML_DCISEC_ATTRIBUTE_GROUP_ID[]
Common XACML Authorization Profile Obligation/AttributeAssignment group-id (user group name) identifi...
Definition: profiles.h:68
static const char XACML_AUTHZINTEROP_SUBJECT_VO[]
XACML AuthZ Interop Subject/Attribute vo identifier (Datatype: string)
Definition: profiles.h:144
static const char XACML_DCISEC_ATTRIBUTE_SUBJECT_ISSUER[]
Common XACML Authorization Profile Subject/Attribute subject-issuer identifier.
Definition: profiles.h:56
static const char XACML_GLITE_ATTRIBUTE_VIRTUAL_ORGANIZATION[]
XACML Grid WN AuthZ Subject/Attribute virtual-organization identifier.
Definition: profiles.h:98
static const char XACML_DCISEC_ATTRIBUTE_USER_ID[]
Common XACML Authorization Profile Obligation/AttributeAssignment user-id (username) identifier...
Definition: profiles.h:67
static const char XACML_DCISEC_ATTRIBUTE_ROLE[]
Common XACML Authorization Profile Subject/Attribute role (VO) identifier.
Definition: profiles.h:60
static const char XACML_DCISEC_ATTRIBUTE_GROUP[]
Common XACML Authorization Profile Subject/Attribute group (VO) identifier.
Definition: profiles.h:58
static const char XACML_AUTHZINTEROP_OBLIGATION_UIDGID[]
XACML AuthZ Interop Obligation uidgid identifier (XACML Authz Interop: UID GID)
Definition: profiles.h:152
static const char XACML_DCISEC_ATTRIBUTE_RESOURCE_OWNER[]
Common XACML Authorization Profile Resource/Attribute resource-owner identifier.
Definition: profiles.h:62
static const char XACML_GLITE_ATTRIBUTE_USER_ID[]
XACML Grid WN AuthZ Obligation/AttributeAssignment user-id identifier [XACML Grid WN AuthZ 1...
Definition: profiles.h:102